From: Daniel Kahn Gillmor
Newsgroups: gmane.emacs.bugs
Subject: bug#17391: Bug#745553: emacs24-el: mml2015-always-trust should default to nil, not t
Date: Wed, 25 Jan 2017 15:30:33 -0500
Message-ID: <87a8aenaqe.fsf@alice.fifthhorseman.net>
To: Jens Lechtenboerger, Lars Ingebrigtsen
Cc: 745553@bugs.debian.org, 17338@debbugs.gnu.org, Justus Winter, 745553-forwarded@bugs.debian.org, 17391@debbugs.gnu.org, rlb@defaultvalue.org, "Neal H. Walfield"

On Wed 2017-01-25 15:09:47 -0500, Jens Lechtenboerger wrote:
> On 2017-01-25, at 18:19, Lars Ingebrigtsen wrote:
>
>> Daniel Kahn Gillmor writes:
>>
>>> So in the scenario above, Bob's cert is still overall valid (because it
>>> has a valid certification over the correct UserID+key from Alice), even
>>> though the carol@example.org UserID is invalid.
>>>
>>> I don't know mml-mode or elisp well enough to dig into the code and fix
>>> this part of the problem quickly, but if someone has patches that i can
>>> look at that would point to where it might be changed, i'd be happy to
>>> try to review them.
>>
>> I'm also mostly unfamiliar with the mml encryption code, but perhaps
>> Jens could take a peek at this?
>
> mml2015-always-trust is replaced by mml-secure-openpgp-always-trust
> nowadays. I certainly wouldn’t object if the default value was
> changed, but lots of long-term users might be surprised.

It's also possible that lots of long-term users might be surprised to
find that refreshing one key in their keyring is likely to cause a
change in behavior for the use of other keys in their keyring. this is
a silent surprise, which seems worse than a public surprise.

> Also, nowadays, if multiple keys are available for a recipient, the
> user is asked which key to use and whether to store that choice.

And how is that choice stored? How and when can it be revisited by the
user? What happens if that choice becomes invalid in the future
(e.g. the primary key, or the encryption-capable subkey is revoked,
expired, etc)?

> Then, EasyPG is responsible for calling GnuPG. Maybe something
> needs to be adjusted there as well. What is the expected command
> line behavior?

Modern versions of GnuPG automatically select the key which GnuPG knows
to have the best validity among all matches for the selector, thanks to
work put in by Justus Winter (cc'ed), so letting GnuPG make the decision
would relieve emacs of most of the hard work here, and would also mean
that any changes that the user makes to their GnuPG keyring would
automatically take effect in emacs without mml-mode needing to do
anything.

Modern versions of GnuPG also provide a "tofu" mechanism to store and
track that kind of decision in. Neal Walfield (also cc'ed here) put in
a lot of that implementation, so he might have some suggestions for the
best way to handle it.

Thanks for looking into this, Lars and Jens!

--dkg
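
The per-User-ID point in this exchange (Bob's certificate is valid overall while its carol@example.org User ID is not) can be sketched as a recipient-key check. This is an added example, not part of the original message and not Emacs or GnuPG code; it assumes the record layout of GnuPG's `--with-colons` listing, the listing, fingerprints and function names are constructed, and `always_trust=True` models accepting a matching User ID without checking its validity.

```python
# Constructed listing in GnuPG's --with-colons layout (placeholder fingerprints).
# Field 2 = validity, field 10 = user ID or fingerprint, field 12 = capabilities.
SAMPLE = """\
pub:f:4096:1:BBBBBBBBBBBBBBBB:1400000000:::-:::scESC:
fpr:::::::::BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB:
uid:f::::1400000000::H1::Bob <bob@example.org>:
uid:-::::1400000000::H2::Carol <carol@example.org>:
pub:e:4096:1:CCCCCCCCCCCCCCCC:1300000000:1450000000::-:::sc:
fpr:::::::::CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC:
uid:e::::1300000000::H3::Carol <carol@example.org>:
"""

DEAD = set("idren")          # invalid, disabled, revoked, expired, not valid
VALID = {"f": 1, "u": 2}     # fully / ultimately valid, ranked for selection

def parse_keys(listing):
    """Group colon records into one dict per primary key."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            keys.append({"validity": f[1], "caps": f[11], "fpr": None, "uids": []})
        elif f[0] == "fpr" and keys and keys[-1]["fpr"] is None:
            keys[-1]["fpr"] = f[9]           # first fpr record is the primary key's
        elif f[0] == "uid" and keys:
            keys[-1]["uids"].append((f[1], f[9]))
    return keys

def select_key(listing, mailbox, always_trust=False):
    """Return the fingerprint to encrypt to for mailbox, or None to refuse."""
    needle = "<" + mailbox.lower() + ">"
    best = None
    for key in parse_keys(listing):
        # The key itself must be live and encryption-capable ("E" = usable overall).
        if key["validity"] in DEAD or "E" not in key["caps"]:
            continue
        for validity, uid in key["uids"]:
            if needle not in uid.lower() or validity in DEAD:
                continue
            # Strict mode: the matching User ID itself must be validated,
            # not merely some other User ID on the same certificate.
            if not always_trust and validity not in VALID:
                continue
            rank = VALID.get(validity, 0)
            if best is None or rank > best[0]:
                best = (rank, key["fpr"])
    return best[1] if best else None
```

With the strict default, mail to carol@example.org is refused because the only live match is an unvalidated User ID on Bob's certificate and Carol's own key has expired; with `always_trust=True` the same lookup returns Bob's fingerprint.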